"""
认证服务抽象接口
==============

定义认证服务的抽象基类，所有具体的认证实现都应该继承此接口。
"""

from abc import ABC, abstractmethod
from typing import Any, Optional, Union, Dict, List
from datetime import datetime, timedelta


class AbstractAuthService(ABC):
    """抽象认证服务"""
    
    @abstractmethod
    async def create_token(
        self, 
        user_id: str, 
        user_data: Optional[Dict[str, Any]] = None,
        expires_delta: Optional[timedelta] = None
    ) -> str:
        """
        创建访问令牌
        
        Args:
            user_id: 用户ID
            user_data: 用户数据
            expires_delta: 过期时间增量
            
        Returns:
            JWT令牌字符串
        """
        pass
    
    @abstractmethod
    async def verify_token(self, token: str) -> Optional[Dict[str, Any]]:
        """
        验证访问令牌
        
        Args:
            token: JWT令牌字符串
            
        Returns:
            令牌载荷，无效则返回None
        """
        pass
    
    @abstractmethod
    async def refresh_token(self, refresh_token: str) -> Optional[str]:
        """
        刷新访问令牌
        
        Args:
            refresh_token: 刷新令牌
            
        Returns:
            新的访问令牌，失败则返回None
        """
        pass
    
    @abstractmethod
    async def revoke_token(self, token: str) -> bool:
        """
        撤销令牌
        
        Args:
            token: 要撤销的令牌
            
        Returns:
            是否撤销成功
        """
        pass
    
    @abstractmethod
    async def create_refresh_token(self, user_id: str) -> str:
        """
        创建刷新令牌
        
        Args:
            user_id: 用户ID
            
        Returns:
            刷新令牌字符串
        """
        pass
    
    @abstractmethod
    async def verify_refresh_token(self, refresh_token: str) -> Optional[str]:
        """
        验证刷新令牌
        
        Args:
            refresh_token: 刷新令牌
            
        Returns:
            用户ID，无效则返回None
        """
        pass
    
    @abstractmethod
    async def authenticate_user(self, username: str, password: str) -> Optional[Dict[str, Any]]:
        """
        用户认证
        
        Args:
            username: 用户名
            password: 密码
            
        Returns:
            用户信息，认证失败则返回None
        """
        pass
    
    @abstractmethod
    async def get_current_user(self, token: str) -> Optional[Dict[str, Any]]:
        """
        获取当前用户信息
        
        Args:
            token: 访问令牌
            
        Returns:
            用户信息，无效令牌则返回None
        """
        pass
    
    @abstractmethod
    async def check_permission(
        self, 
        user_id: str, 
        resource: str, 
        action: str
    ) -> bool:
        """
        检查用户权限
        
        Args:
            user_id: 用户ID
            resource: 资源名称
            action: 操作名称
            
        Returns:
            是否有权限
        """
        pass
    
    @abstractmethod
    async def get_user_roles(self, user_id: str) -> List[str]:
        """
        获取用户角色
        
        Args:
            user_id: 用户ID
            
        Returns:
            角色列表
        """
        pass
    
    @abstractmethod
    async def has_role(self, user_id: str, role: str) -> bool:
        """
        检查用户是否有指定角色
        
        Args:
            user_id: 用户ID
            role: 角色名称
            
        Returns:
            是否有该角色
        """
        pass
    
    @abstractmethod
    async def create_session(self, user_id: str, session_data: Optional[Dict[str, Any]] = None) -> str:
        """
        创建用户会话
        
        Args:
            user_id: 用户ID
            session_data: 会话数据
            
        Returns:
            会话ID
        """
        pass
    
    @abstractmethod
    async def get_session(self, session_id: str) -> Optional[Dict[str, Any]]:
        """
        获取会话信息
        
        Args:
            session_id: 会话ID
            
        Returns:
            会话数据，不存在则返回None
        """
        pass
    
    @abstractmethod
    async def destroy_session(self, session_id: str) -> bool:
        """
        销毁会话
        
        Args:
            session_id: 会话ID
            
        Returns:
            是否销毁成功
        """
        pass
    
    @abstractmethod
    async def health_check(self) -> Dict[str, Any]:
        """
        健康检查
        
        Returns:
            健康状态信息
        """
        pass


class AbstractPasswordManager(ABC):
    """抽象密码管理器"""
    
    @abstractmethod
    async def hash_password(self, password: str) -> str:
        """
        哈希密码
        
        Args:
            password: 明文密码
            
        Returns:
            哈希后的密码
        """
        pass
    
    @abstractmethod
    async def verify_password(self, password: str, hashed: str) -> bool:
        """
        验证密码
        
        Args:
            password: 明文密码
            hashed: 哈希密码
            
        Returns:
            是否匹配
        """
        pass
    
    @abstractmethod
    async def generate_password(self, length: int = 12) -> str:
        """
        生成随机密码
        
        Args:
            length: 密码长度
            
        Returns:
            随机密码
        """
        pass
    
    @abstractmethod
    async def validate_password_strength(self, password: str) -> Dict[str, Any]:
        """
        验证密码强度
        
        Args:
            password: 密码
            
        Returns:
            验证结果
        """
        pass


class AbstractTokenConfig(ABC):
    """抽象令牌配置"""
    
    @property
    @abstractmethod
    def secret_key(self) -> str:
        """JWT密钥"""
        pass
    
    @property
    @abstractmethod
    def algorithm(self) -> str:
        """JWT算法"""
        pass
    
    @property
    @abstractmethod
    def access_token_expire_minutes(self) -> int:
        """访问令牌过期时间（分钟）"""
        pass
    
    @property
    @abstractmethod
    def refresh_token_expire_days(self) -> int:
        """刷新令牌过期时间（天）"""
        pass
